Posted
by
samzenpus
on Monday August 06, 2012 @02:08PM
from the no-silver-lining dept.

Hugh Pickens writes "'I think it's going to be horrendous,' said Apple co-founder Steve Wozniak when asked about the shift away from hard disks towards uploading data into the cloud. The comment came in a post-performance dialogue with audience members after a performance in Washington of The Agony and the Ecstasy of Steve Jobs, monologist Mike Daisey's controversial two-hour expose of Apple's labor conditions in China. 'I think there are going to be a lot of horrible problems in the next five years.' The engineering wizard behind the progenitor of today's personal computer, the Apple II, expanded on what really worried him about the cloud. 'With the cloud, you don't own anything. You already signed it away through the legalistic terms of service with a cloud provider that computer users must agree to. I want to feel that I own things,' Wozniak said. 'A lot of people feel, "Oh, everything is really on my computer," but I say the more we transfer everything onto the web, onto the cloud, the less we're going to have control over it.'"

We've already seen what can happen when a cloud service goes down. Amazon and Microsoft's Azure have both went down recently, causing havoc for many businesses. When Megaupload went down, it caused a huge loss for many legitimate customers as well. If your Steam account gets suspended, or you disagree with the new TOS - you're shit out of luck, all that you "own" is gone for good and you can't do shit about it. Dropbox lost a shitload of emails due to a security breach, Sony lost the details for 70million+ customers for a similar reason. Every single example of a cloud operation that I can think of, be it a service or a product, has had issues and it's not going to change.

The cloud is a wonderful idea in principal, but we need a completely different outlook on it. And possibly a hell of a lot of new laws governing ownership of the content.

for years car dealers pushed monthly payments to clueless buyers to scam them into higher prices. same with the cloud.

dropbox, only $100 a yearcloud storage of music? $25 a year via itunes or amazonremote backup? $50 a yearvirtual server? $xxxx a month. oh you don't like the service, OK just buy your own for $15000 plus hosting

dollar here and dollar there and soon its real money

when you think about it a machine at your location is a consumer class CPU/hard drive. cloud provider will have multiple machines with enterprise class CPU's, overpriced enterprise hard drives, precious metal support contracts, etc. I bet the hardware vendors love it and are pushing the cloud hype through the tech media

Moving to the cloud, whether Apple or Microsoft or any of the other players, has two main purposes:

- Guarantee ongoing profits through subscriptions and micro-payments to the providers for storage, use of cloud-based applications, or viewing or listening to cloud-based media.

- Control of digital media, making DRM easy to enforce since your audio and video files will all be on their servers to be scanned, audited, and confiscated.

Even with the fluctuating prices for hard drives the cost to store media locally is lower than ever, and there are plenty of options for sharing your media over the web yourself due to the low cost of high speed Internet access.

I disagree. there are some valid applications for the cloud, such as outsourcing low volume or low priority services such as FTP or fax. But once you cross the line into storing office documents then the business risk grows exponentially. It is all about finding a balance.

Cloud providers for one. They can charge rates near the cost of a full fledged data center [1], and they really have no responsibilities for security or backups. Security breaches can be hushed with the finger pointed at the client. Legal action? If someone finds something sue-able, good luck getting past the binding arbitration clause which essentially sue-proofs the cloud provider. Of course, don't forget that if/when that cloud provider goes under, the next owner has full and unrestricted access to the server data (the data from Borders being bought out by B&N comes to mind). Far less scrupulous organizations can buy the servers too. PII? Here is the magnet link, hope someone cares enough to keep the seed going.

PHBs without any ITIL or other basic IT experience love the cloud. It means that someone else shoulders things and keeps staff small. Plus, it isn't their responsibility should data get lost or a security breach happen. By the time blame actually gets assigned, the breach would be forgotten about.

Blackhats love the cloud. Imagine having access to the backend hard drives of hundreds of businesses, all at once. Just sit back and copy anything relevant, or if bored with a business, start altering some figures on stored documents so that company faces big penalties from the IRS or the EU. If an intruder really hates the cloud provider, it doesn't take much to drop all backend LUNs, stored snapshots, and replications.

ISPs love the cloud. They can also watch the bits fly past, not to mention the bandwidth costs for businesses relying on the cloud.

Of course, the cloud has its uses. However, once someone gets an encryption key management framework in place, an ability to have known good backups, yadda, yadda, with the bandwidth charges and charges for fatter pipes to and from the cloud service, it might be far cheaper to just have a data center.

[1]: Regardless of where the servers are located, a company has to buy them to host locally, or is going to pay someone else's cost to have them in their facility. The cost of the server will be paid for, somehow.

Oh, my. Where to even start? First, where's the controversy? Who is against Apple's labor conditions in China? Nobody. Popular wisdom has workers jumping to their deaths in order to escape Apple's tyranny. Where is the opposition that this brave monologist is so bravely and controversially standing against?

Second, Apple doesn't even employ the workers in China. Foxconn does. If you think you can dictate terms to your Chinese contractor regarding worker conditions, you are dead wrong, mister. You can write a contract, you can inspect the factory, you can do anything you like. At the end of the day, it's the Chinese factory's decision regarding how they will conduct their own business. Foreigners dictating terms to Chinese which the Chinese will obey without exception...what's that called again? Oh, right...imperialism.

Thirdly, Foxconn's workers are well-paid and well-treated, by Chinese standards. Remember, China is a socialist state, and workers are represented by officially approved unions. The All China Federation of Trade Unions (ACFTU) is a government-run organization that has been implementing aggressive unionization tactics aimed at foreign companies in China since the middle of 2006. Just think of how the US government intervened to keep the GM unions afloat and you'll get the right idea of how things work in China. The Labor Law of 2008 requires that any employee who completes a 1-year contract, upon renewal of that contract, be employed for life [pacificbridge.com]. How is Apple supposed to improve on lifetime employment, exactly? I'm not an Apple fanboi, I hate them as much as anyone who loves innovation and despises walled gardens, but jeez. How, exactly, should Apple dictate terms to Foxconn without recalling the bad old days of unequal treaties and foreign enclaves?

Fourthly, what does monologist Mike Daisey think should be done? Pay Chinese workers Western wages? This would invalidate the entire idea of moving production to China. It would render millions of Chinese people unemployable - in favor of Western people. What's that called again? Oh, right: jingoism. Or protectionism, take your pick. Either word is repugnant.

I wish I could attribute the quote, but someone said that, as far as us old IT farts are concerned, "the cloud" is just a synonym for "someone else's server."

There are people that know stuff in IT and there are bullshit marketing artists. The latter category are the ones that think "the cloud" is something new. People will put too much data to "the cloud" and get burned and the pendulum will swing back the other way again to local storage.

I think Steve has been asleep for the past decade or so, here a few services that we spend 99% of our time on and don't own:
Ebay
Paypal
Webmail
Webdisk / Webstorage
Photobucket et al
YouTube
Facebook, myspace et al
Netflix
We don't own squat...

Yeah because the true genius that is Woz went on to do so much later in life and it's not like he's still collecting a paycheck from the big bad evil Apple.

Look, I like the guy too but just because he's ignored / unknown by most people doesn't mean he's the greatest fountain of knowledge. It could just mean he's happy doing very little while sitting on his big ass pile of money as i probably would be too.

There is nothing wrong with storing data or doing tasks on the internet. Like anything else being overly reliant on it or using it where it doesn't make sense is dumb. However things like the nearly $5,000 per hours super computer set up on Amazon for cancer research is isn't something easily achievable on physical hardware. Not because it's not possible but because it's pretty fucking expensive.

Even simple things. It made sense ot put files, like MP3s, I wanted access to on an FTP site and it makes more sense for me to put them somewhere more acessible to more of my devices. Some of us leave our mother's basement so it's nice to have things off our desktop.

All of your points are correct but the risks are certainly manageable with due diligence and planning.

Amazon and Microsoft's Azure have both went down recently, causing havoc for many businesses.

We don't use either of these services since we don't really need the scale but I would imagine that provided they didn't go down too long, money is still saved in the aggregate. You have to look at the numbers and strike the right balance. What is the likely downtime of $CLOUD_IAAS_PROVIDER? Will that much downtime cost us more in money, goodwill, and customers than just building and maintaining our own gear? What hurts is just jumping on the bandwagon with both eyes closed. We use Google Apps here but we also keep copies of all of our documents and emails on the premises. The value adds like collaborative editing, etc. are nice but we could go a few hours without them. And we might not be able to get new emails during an outage but we can definitely read the old ones and send what we need to with different accounts temporarily. Running our own mail server isn't really something we're interested in getting into but so far Google's been pretty reliable and they'd be damn fools to misuse the little amount of strategic info they could glean from our communications as the goodwill fallout if something like that came to light would destroy them.

When Megaupload went down, it caused a huge loss for many legitimate customers as well.

A stack of blank DVDs is like 10 bucks at the walgreens down the street. There is no way I would make the mistake of thinking that something like filestube.com or 4shared.com is some kind of legitimate back up service. That's pretty much laughable. Hopefully the word got out to people that don't realize this and they won't be making the same mistake again.

If your Steam account gets suspended, or you disagree with the new TOS - you're shit out of luck, all that you "own" is gone for good and you can't do shit about it.

I've never bought anything through Steam but as far as I can tell, the only thing you actually have to pay for is the games and DLC for the games you have. The social features are just added stickiness keeping people there but you aren't directly paying for them. I have a Steam account but only as a test of installing the client on Linux. It works, I can browse stuff and participate but I've never spent a dime. I say that to say this, if I lost access to my games, I'm pretty sure I could find some backups [google.com] somewhere. I paid so I wouldn't feel bad at all doing that.

Dropbox lost a shitload of emails due to a security breach

That didn't have anything to do with their cloud stuff though as that was chalked up to an employee's stupidity of having a weak password on a laptop or something. It could have happened to anybody that happened to have some personal info about users. I think the UK lost a bunch of data a while back by some goof being careless.

Sony lost the details for 70million+ customers for a similar reason

Heh. Sony. No sympathy. Their customers didn't deserve that though. My suggestion is use a different email for all of your online stuff. Maybe use some pattern like oakgroveSony@gmail.com or whatever floats your boat. Same thing for passwords. Of course nobody does that but it is a solution.

Every single example of a cloud operation that I can think of, be it a service or a product, has had issues and it's not going to change.

Yeah, if it's a server hooked up to the 'net, it has the potential to be hacked. Act accordingly and encrypt your data if you're uploading files, make backups, don't use the same credentials across different sites as you are trusting the security of the person you gave those credentials to and always assume that the provider will go under at some point or be bought out. Personally I use "cloud" services like its going out of style but I keep my wits about me and have had no problems yet.

All our money, financials, retirement plans, and other critical data have been "in the cloud" for many decades. The whole argument that you have no control or the data is on 'someone else's server' is pretty silly. Banking, for example, has worked infinitely better than people stuffing cash under their bed mattresses and counting it every day just to make sure its all still there and hoping someone doesn't break in and steal it.

It is far easier, safer and more cost effective to protect something of value stored in a central location (vault) than it is for everyone to try and do it themselves. As a benefit, the biggest cloud providers can hire the worlds best security and software engineers to ensure it remains secure and available, and they can roll out a single patch to fix any bugs instantly - compared to millions of small shops remaining vulnerable for years. In effect, you can do things at scale that could never be achieved by all the endless companies and individuals on their own.

So long as it's trivial to sync to your own privately held computer infrastructure.

For storage, I love the concept of a provider keeping bits (that I have pre-gpged) for my reference. The problem is the trend seems to be more and more limited and convoluted storage capability in favor of more exploitive pricing and schemes (e.g. Amazon changing from a modest capacity to a pathetic song count on their cloud).

For compute, so long as you own the DNS name and all the data needed to reconstruct your presence elsewhere, it gives smaller businesses a chance to have a presence without a lot of up-frot cost. Too bad the trend is overwhelmingly fewer and fewer businesses making this benefit moot.

I have my music (ripped from CDs that I still have and even some cassette tapes - all legal) on Google Music for easy access from work computers, my phone, etc. But I can easily imagine at some time in the future where those songs "disappear" from Google due to some sort of automated "take down" because they don't have "any record" of me purchasing those albums in the 80's and 90's (with cash). The cloud providers will be pressured more and more by the cartels that are in charge of most commercial content creation and distribution (yeah, the MPAA, RIAA and their non-US partner organizations). We definitely have not made it to a place where we - as "consumers" have clear ownership of much of anything. I guess I do own the plastic that makes up the CDs and DVDs I bought years ago. But the content is definitely covered by some sort of license as well as copyright and changing laws and rules may well make your data disappear from cloud sources. The Woz has a good point. Go ahead and use the cloud - but keep copies locally too. There probably will be rights conflicts. There will be outages. There will be meltdowns (whether due to finances or government overreaches like with MegaUpload). Just be careful; that's always good advice.

But let's not also forget the "The price of freedom is eternal vigilance" flipside of this coin:

At Home: Make your own backups. In Cloud: Included feature, depending on service. (but make your own backups, too!)At Home: Downtime based on home equipment & residential net access. In Cloud: Hot failover of equipment and connectivity.

The first is pretty important, and far too often overlooked. The second is just a non-catastrophic cost vs simplicity tradeoff, but still should be weighed.

Yea. Three days after Apple gives an attacker access to an iCloud account that then wipes several of the owner's devices (and deletes his Google account among other damage), the Woz "predicts" that horrible problems may happen. I've been avoiding "the cloud" and telling my friends to do the same. He's smart, I'm paranoid.

I backup at home and remotely. What's the point of only backing up in one place? Your host could go up in flames or your house can go up in flames. I think he's missing out on that and is assuming that storing things in the cloud only means storing them on questionably secure services like dropbox.

It's maintenance. No one does it. They pay fantastic sums of money to retrieve really strongly valued data. Why?

The real secret is that it isn't fear, it's sloth.

Some of my data is priceless to me. I have a backup here, and one far, far away from me. There's a third being cached as I write this. To others, they could care less. This is my data.

What they missed was: data has value like the currency in your billfold. Not the onesyes, but the hundred dollar/euro/whatever bills. And a fat fistfull of them. Backup to the cloud? Ok. When I see the SAS70-II and the vendor's commitment to best practices and an F5 NOC with dual grids and a 48hr UPS, yes, I'll backup to the cloud. And yes, I found one, but I'm not a shill.

The answer to all of this is encryption and strong contractual agreements.

"Cloud" is a fucked up retarded marketing term. It is not any different, or more special, than any other group of servers that have load balancing, virtualization, redundancy, hot fail overs, redundancy across multiple data servers, etc. Why people give it special significance is beyond me. Heck, i'm running my own mini-cloud at home and in a several datacenters then.

There is nothing inherently wrong with SaaS. It can be vastly cheaper to pay a 3rd party corporation to host something for you, and benefit from their platform coding costs being distributed across hundreds of businesses.

For businesses, it can be a very smart choice. Strong contractual agreements with a reputable company and offsite backups of your data, or rsync'd copies of your data to your own backup, can greatly mitigate whatever concerns that there are.

If you are hosting your data elsewhere, ENCRYPT IT. Not rocket science here. Same thing at home. Government wants to come in and take it? Sure. It will take lawyers and extensive jail time to get the keys from me.

There are a plethora of online backup solutions now that have encryption setups where they have no way of turning over the keys to the government.

The "cloud" is perfectly fine and as long as you are using it correctly with the appropriate safeguards.

Of course, I would never personally store plain text data in the "cloud" that can be data mined. They can lick my balls first. I might possibly make an exception for a service that had very strong contractual language that prevented them from doing so, but that is still unlikely.

I hate the term "the cloud". It's fucking remote servers is all. I can just see some guy with 20 years experience managing network server applies for a job and HR screens him because he doesn't have "Cloud" in his resume. It's a stupid marketing term that people are taking for a technology.

In that case you may as well just dump the stuff in a directory on a webserver anywhere on the planet.The problem with dropbox is it pretends to be secure and useful but is instead a pointless polished turd.